
Reviewing and Resolving a Vulnerability


Last updated 5 months ago

You can access vulnerabilities at any time from either the home page or the vulnerabilities page.

From either page you will be directed to a table that shows the project/repo the vulnerability was identified in, a short description, file path, severity level, author and which scanner identified it.

Select the hyperlink under "project/repo" for the row in question to be directed to the specific vulnerability you'd like to remediate.

Once you are on the vulnerability page, you will see a brief summary and links to the respective CVE database and reference URL, if available. Additional details on the commit, the created date/time, the language, the category and the specific rows of code affected are presented to speed up your review.

When you are ready to remediate the CVE, click the file path at the top of the page, just above the "Actions | Fix the Issue" buttons.

This takes you directly to the specific file in GitHub, where you can remediate the issue and recommit your code for review by your team. You no longer have to remember which branch or repo you need to open a PR on; Codefortify handles all of that for you and takes you directly to the file in question.

Once you've remediated the issue, select the "Fix the Issue" button on the Vulnerability Details page to mark it as completed, and your dashboard will update accordingly.
